Offensive Security Team Lead

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innovate – and we want you along for the ride. This is a special place with a unique combination of brilliance, spirit, and just all-around great people. If you’re willing to do more, your career can take off. And since software is central to everyone’s lives, you’ll be part of an important mission. Thousands of customers, including the majority of the Fortune 100, trust JFrog to manage, accelerate, and secure their software delivery from code to production – a concept we call “liquid software.” Wouldn't it be amazing if you could join us on our journey?

As an Offensive Security Team Lead, you will spearhead JFrog’s offensive security operations and lead advanced threat research initiatives, playing a pivotal role in safeguarding our organization and customers from evolving cyber threats. You will develop and execute Red Team exercises, simulate real-world attacks, and identify security weaknesses in JFrog’s systems and applications. We seek a highly skilled, proactive tech leader who thrives in challenging environments and is passionate about advancing security research and offensive strategies.

As an Offensive Security Team Lead at JFrog, you will…

Lead, plan, design, and execute Red Team operations, threat modeling, and adversarial simulations against JFrog’s infrastructure and cloud environments

Drive threat research and intelligence initiatives to stay ahead of emerging cyber threats, attack techniques, and vulnerabilities

Develop and execute advanced attack scenarios to assess security defenses and provide actionable recommendations for improving JFrog’s security posture

Collaborate closely with security engineering, DevOps, and software development teams to implement findings and enhance our defenses

Lead the development of tooling, frameworks, and methodologies to automate and optimize Red Team exercises

Mentor and guide a team of security professionals, fostering a culture of innovation, collaboration, and continuous learning

Participate in incident responses when Red Team exercises reveal vulnerabilities, providing expertise on attack techniques, forensics, and post-attack mitigation

Continuously assess and improve security processes, playbooks, and threat detection mechanisms

To be an Offensive Security Team Lead at JFrog, you need…

7+ years of experience in offensive security operations, Red Teaming, threat hunting, or threat research

Deep knowledge of attack techniques, TTPs (Tactics, Techniques, and Procedures), adversary simulations, and threat-hunting methodologies

Hands-on experience with Red Team tools, frameworks (e.g., Metasploit, Cobalt Strike, Burp Suite), and custom exploit development

Strong experience with cloud platforms (AWS, GCP, Azure) and containerized environments (Kubernetes, Docker)

Familiarity with the MITRE ATT&CK Framework and its application in Red Team and threat-hunting scenarios

Proficiency with scripting and automation languages for tool development, threat detection, and attack simulation

Solid understanding of offensive security best practices, vulnerability management, threat detection, and advanced threat analysis

Ability to effectively communicate and collaborate with cross-functional teams, translating complex security concepts into actionable insights

A passion for continuous learning, research, and innovation in the fields of offensive security, threat hunting, and cyber threats

—--